﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using PragmaticMVC.Models;

namespace PragmaticMVC.Security
{
    public class PragmaticAuthorization
    {
        public class AllowRegistrationAttribute : AuthorizeAttribute
        {
            protected override bool AuthorizeCore(HttpContextBase httpContext)
            {
                string[] roles = UsersRolesContext.GetRolesByContext("AllowRegistration");

                if (roles.Any(r => HttpContext.Current.User.IsInRole(r)))
                {
                    return true;
                }

                // fall back
                return base.AuthorizeCore(httpContext);
            }
        }
    }
}
